Go Phish: Anuj Goel, CEO and Co-founder, Cyware

Go Phish: Anuj Goel, CEO and Co-founder, Cyware

Anuj Goel, CEO and Co-founder, Cyware

What would you describe as your most memorable achievement in the cybersecurity industry?

By far, my most memorable achievement has been founding Cyware with Akshat Jain. When we began our journey, we had a vision of creating an organisation that could act as the cornerstone of the next generation security paradigm and being able to actualise this and watch its growth in real-time has been amazing.

Building a company from the ground up is incredibly challenging, especially when you are trying to solve the core security challenges facing every organisation. But, in 2019, our vision came together when we built a virtual cyber fusion centre – a platform that had the capability to create a collective defence of good actors against adversaries.

What first made you think of a career in cybersecurity?

My interests have always aligned around computers and technology. In the 90s, when consumerism around computer technology really began to take off, I was fascinated by it all, but what really caught my attention were the global headlines at the time around virus attacks in the early 2000s. Since those early days, I’ve gone on to achieve a Masters in Computer Science and a Ph.D. in Information Engineering which set the foundation for me to develop a career in the field.

When I entered the workforce, I was able to delve into the world of networking technologies. My interest in cybersecurity grew alongside the evolution of network and endpoint security areas, the rise of data protection and security monitoring. As these technologies were developing, however, I also began observing first-hand how isolated security teams and technologies used by them were, usually due to the governance structure within organisations and then the siloed decision made for purchasing those tools.

What style of management philosophy do you employ with your current position?

The most important thing to me has always been learning from my mentors and peers, harnessing best practices and continuously striving for improvement in all endeavours. Those who I’ve looked up to in my career have consistently emphasised the importance of embracing what you can learn, observing how successful individuals tackle challenges and collaborate effectively. This arms you with the ability to take the wisdom and skills you’ve acquired and infuse them with your unique approach.

Now as someone who manages a team, I can pass on the knowledge I’ve accumulated and help others find their own unique paths. While it’s valuable to understand established methods, it’s equally important to carve out your distinctive niche and style and ensure that you don’t overly rely on someone else’s strategy throughout your entire career.

What do you think is the current hot cybersecurity talking point?

Security collaboration. Cybersecurity teams are fragmented, both internally and externally. Organisations of all sizes are facing the challenge of identifying the threats which truly pose the greatest risks to their business. While threat intelligence is a valuable resource in this area, there is still the task of parsing, correlating and prioritising the vast amounts of data into a single source of truth. As such, the next step is to connect the dots. This approach to cybersecurity – cyber fusion – is desperately needed to bring together all security functions (threat intelligence, security automation, threat response, security orchestration, incident response etc.) and allow organisations to then manage and respond to threats in a cohesive manner.

How do you deal with stress and unwind outside the office?

Dealing with stress effectively is crucial for maintaining both personal and professional balance. For me, the key is engaging in activities that promote both physical and mental wellbeing. I enjoy walking – both short, brisk walks and long ones. Beyond exercise, I also prioritise activities that offer mental relaxation and stimulation. I like reading books and watching thoughtful documentaries. But spending quality time with family and friends is the biggest stress buster. Disconnecting from work-related thoughts and immersing myself in these activities helps me recharge.

If you could go back and change one career decision, what would it be?

People take decisions throughout their professional journey and not all of them turn out to be perfect. If I were to look back, there isn’t a specific decision I would pinpoint to change. Every career decision that I have taken until now, whether it turned out as expected or not, has contributed significantly to my professional growth and development. I view each of those decisions as a valuable learning opportunity. The choices that didn’t turn out as anticipated were especially instrumental in this learning process. They taught me resilience, adaptability and have been crucial in shaping my approach to leadership and decision-making.

What do you currently identify as the major areas of investment in the cybersecurity industry?

Ransomware and supply chain attacks are currently dominating the threat landscape and, as such, investment into combating these is a major area of concern. They are huge threats not only to the security of a company, but also its financial viability. Ransomware payments continue to skyrocket; since ransomware was first introduced in 2014, payments have exceeded US$60 billion globally. This does not include remediation costs, new software costs, massive patching efforts, etc.

Are there any differences in the way cybersecurity challenges need to be tackled in the different regions?

The US and UK are facing huge cybersecurity challenges. However, at the same time, they are also well positioned to defend against oncoming threats; their security preparedness is relatively more mature than other countries because they have been investing in the industry for so long. As a result, the challenges felt in the US and UK are different from those in emerging economies. In these regions, the challenges are centred around a lack of collaboration, intelligence sharing and supply chain security, for example.

On the other hand, in emerging economies, the cybersecurity infrastructure is still on its way to gaining maturity. As such, they can’t collaborate or share intelligence unless they internally have a way to collect, process, or action intelligence. So, for developing countries, threat intelligence operations are the major challenges.

What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?

In the past year the world has changed rapidly due to AI advancements. My focus has been on adapting our strategies to evolving market needs and integrating AI into our products. Looking forward, I anticipate forging strategic partnerships to bolster our technological edge, and continuously innovating in the predictive cybersecurity space. This approach is aligned with our commitment to staying at the forefront of AI-driven cybersecurity solutions.

What advice would you offer somebody aspiring to obtain a C-level position in the security industry?

Aspiring to a C-level position in the security industry requires more than passion; it demands a deep understanding of the evolving cybersecurity landscape. Emphasise continuous learning, innovation and adaptability. Build on your strengths and mitigate weaknesses, but also develop strategic vision and leadership skills. Stay informed about emerging threats and trends and cultivate a proactive security culture. Success lies in combining personal growth with a commitment to driving industry advancements.

Click below to share this article

Browse our latest issue

Intelligent CISO

View Magazine Archive